<?php

/**
 * Created by PhpStorm.
 * User: jc234839
 * Date: 20/04/2014
 * Time: 09:24 AM
 */
class User
{
    private $db;

    public function __construct(PDO $db)
    {
        $this->db = $db;
    }

    public function userExists($email)
    {
        $sql = "SELECT COUNT(*) FROM Users WHERE Email = ?";
        $query = $this->db->prepare($sql);
        $query->bindValue(1, $email);

        try {
            $query->execute();
            $rows = $query->fetchColumn();

            return ($rows == 1) ? true : false;
        } catch (PDOException $e) {
            echo $e->getMessage();
        }
        return false;
    }

    public function register($email, $firstName, $lastName, $password)
    {
        $sql = "INSERT INTO Users (Email, FirstName, LastName, Password, JoinDate) VALUES (?, ?, ?, ?, ?)";
        $query = $this->db->prepare($sql);
        $query->bindValue(1, $email);
        $query->bindValue(2, $firstName);
        $query->bindValue(3, $lastName);
        $query->bindValue(4, sha1($password));
        $query->bindValue(5, date('Y-m-d'));

        try {
            $result = $query->execute();
            return $result;
        } catch (PDOException $e) {
            echo $e->getMessage();
        }
        return false;
    }

    public function logIn($email, $password)
    {
        $query = $this->db->prepare("SELECT UserID, Password, IsAdmin FROM Users WHERE Email = ?");
        $query->bindValue(1, $email);

        try {
            $query->execute();
            $record = $query->fetch();

            $storedPassword = $record['Password'];
            $userID = $record['UserID'];

            // Compare password supplied by user with password on record
            if (sha1($password) === $storedPassword) {
                return $userID;
            } else {
                return false;
            }
        } catch (PDOException $e) {
            echo $e->getMessage();
        }
        return false;
    }

    public function logOut()
    {
        session_start();
        session_destroy();
        header('Location:index.php');
    }

    public function getUserInfo($id)
    {
        $query = $this->db->prepare("SELECT FirstName, IsAdmin FROM Users WHERE UserID = ?");
        $query->bindValue(1, $id);

        try {
            $query->execute();
            return $query->fetch();

        } catch (PDOException $e) {
            echo $e->getMessage();
        }
        return false;
    }

    public function updateUser($userID, $email, $firstName, $lastName, $isAdmin)
    {
        $sql = "UPDATE Users SET Email = ?, FirstName = ?, LastName = ?, IsAdmin = ? WHERE UserID = ?";
        $query = $this->db->prepare($sql);

        $query->bindValue(1, $email);
        $query->bindValue(2, $firstName);
        $query->bindValue(3, $lastName);
        $query->bindValue(4, $isAdmin);
        $query->bindValue(5, $userID);

        try {
            $query->execute();
            if ($query) return "$firstName $lastName's details were updated successfully!";

        } catch (PDOException $e) {
            echo $e->getMessage();
        }

        return "$firstName $lastName's details were not updated successfully!";
    }

    public function deleteUser($userID)
    {
        $sql = "DELETE FROM Users WHERE UserID = ?";
        $query = $this->db->prepare($sql);

        $query->bindValue(1, $userID);

        try {
            $query->execute();
            if ($query) return "Account was successfully deleted!";

        } catch (PDOException $e) {
            echo $e->getMessage();
        }
        return "Unable to delete Account!";
    }
}




